It is a matter of when and not if Cheltenham Borough Council is breached by a cyber attack.

So said one of the authority’s most senior members at a full council meeting.

Councillor Roger Whyborn (LD, Up Hatherley) said, in a written response to a query from another councillor: “It is worth noting that with cyber security, it is not a question of if we are breached, but when. Even organisations like the Pentagon have been successfully breached.

Read More

“Therefore it is very important to have good disaster recovery and backup procedures, that are tested on a regular basis, in place, which we have. This will then help ensure systems can be recovered quickly following an incident, limiting any disruption to the councils providing services to the public.”

He was responding to a point made by Councillor Tim Harman (C, Park), that he and other councillors had been getting spam coming into their council email accounts. He said sometimes they had been made to look like they had come from council officers.

Cheltenham Borough Council is vulnerable to a cyber attack, it has said

He added that he had deleted them but wanted to know what steps were being taken to improve the council’s cyber security.

Mr Whyborn said, in his response: “The ICT service take the issue of cyber security very seriously and have adopted a layered approach which involves systems designed to watch for malicious emails and constantly adjust their settings as new threats are detected, to ensure anything identified as a threat is automatically blocked and quarantined.”

The council chamber at Cheltenham Borough Council's Municipal Offices

On average, the partnership of four councils that the authority belongs to (the others being Cotswold District Council, Forest of Dean District Council and West Oxfordshire District Council) blocks 30,00 spam and malicious emails every day. This equates to 80 per cent of the daily emails they receive.